3d57a8eaf8aa6254ac646e5cc2a6db30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d57a8eaf8aa6254ac646e5cc2a6db30_JaffaCakes118
Size

849KB
MD5

3d57a8eaf8aa6254ac646e5cc2a6db30
SHA1

8160020c602a826c724ead004aa97b2f5926bf0a
SHA256

ebd948be8fe7809d160490f71ac4782e7209d33f66aedb2a5b0b125a6ed4626d
SHA512

ddfba711df71414b85e32f6a7efd51ec5d8ed36c8615449fbbb8296f5dcee4b158b8e8d76d5cad2ef03ebec5ec87e32e9f643a06fa4a89dfd487d1c4b688797f
SSDEEP

24576:BovuZ7mT/TvRdghkApb089oXsBOob93+UE:BovuZ7mvvRdghT4cgsBO9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d57a8eaf8aa6254ac646e5cc2a6db30_JaffaCakes118

Files

3d57a8eaf8aa6254ac646e5cc2a6db30_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3df4008be6f183660ffe386d597a6552

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

inetcomm

MimeOleGetPropertySchema
CreateRangeList
EssKeyExchPreferenceDecodeEx
HrAttachDataFromBodyPart
MimeOleCreateBody
EssContentHintDecodeEx
MimeOleCreatePropertySet
CreatePOP3Transport
EssReceiptRequestDecodeEx
MimeOleSetBodyPropA
HrGetAttachIconByFile
EssSignCertificateEncodeEx
MimeEditGetBackgroundImageUrl
MimeOleEncodeHeader
MimeEditViewSource
MimeOleSMimeCapRelease
HrGetLastOpenFileDirectory
MimeOleGetFileInfo
EssReceiptEncodeEx
MimeOleGetCharsetInfo
MimeOleSetDefaultCharset
MimeOleCreateSecurity
MimeOleSetBodyPropW

kernel32

FreeLibraryAndExitThread
CreateIoCompletionPort
GlobalHandle
LocalLock
GetProcessAffinityMask
LoadLibraryA
GetEnvironmentStringsW
DeleteFileA
EnumSystemGeoID
DosPathToSessionPathW
SetHandleInformation
ReadFileEx
EnumCalendarInfoA
CallNamedPipeA
SetThreadContext
VirtualAlloc
IsDBCSLeadByteEx
FindNextVolumeA
GetNumaProcessorNode
IsProcessorFeaturePresent

comctl32

ImageList_SetBkColor
ImageList_DragLeave
FlatSB_SetScrollProp
FlatSB_GetScrollRange
ImageList_GetIconSize
ImageList_Create
FlatSB_SetScrollInfo
ImageList_GetIcon
PropertySheetA
ImageList_Add
ImageList_GetImageInfo
CreateToolbar
CreateUpDownControl
ImageList_AddMasked
InitializeFlatSB
DrawStatusTextA
FlatSB_GetScrollPos
LBItemFromPt
ImageList_GetBkColor

ntdll

_CIcos
strcspn
RtlCreateRegistryKey
RtlIpv6StringToAddressW
ZwSetTimerResolution
RtlFindCharInUnicodeString
RtlDosPathNameToNtPathName_U
NtPulseEvent
strcat
VerSetConditionMask
PfxRemovePrefix
DbgPrintEx
LdrShutdownThread
ZwCreateSection
ZwFlushVirtualMemory
ZwOpenTimer
ZwQueryInformationFile
wcspbrk
RtlEqualComputerName
RtlAddActionToRXact
ZwInitiatePowerAction
NtWaitForMultipleObjects
NtQueryInstallUILanguage
RtlCutoverTimeToSystemTime
LdrUnloadAlternateResourceModule

Sections

.text
Size: 725KB - Virtual size: 725KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3df4008be6f183660ffe386d597a6552

Headers

DLL Characteristics

File Characteristics

Imports

inetcomm

kernel32

comctl32

ntdll

Sections

.text Size: 725KB - Virtual size: 725KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 4KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 725KB - Virtual size: 725KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 4KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB